SELinux Users

Linux users are mapped to SELinux users via a policy. This allow inheriting rules that would restrict things they can do in a system. Following command will give you all the mapping and users on a CentOS/RHEL system

Note that all users by default mapped to unconfined_u since that are considered __default__ linux users unless specified with a user mapping.

If you are an unconfined user and you execute and program that defined a policy that transition unconfined_t domain to a confined_t. Then you are subject to restriction on that domain. This is to prevent unconfined users from exploiting flow in confined applications.